FoxCERT estimated that approximately 2 GB of data was transferred from TU/e systems to the threat actor. Niet best. FoxCERT supported TU/e throughout the recovery process. By analyzing compromised systems and identifying what the threat actor had done, they guided TU/e staff on the most effective methods to restore impacted systems and accounts Men heeft dus ge-restored. Hierdoor is er data verloren! Men is binnen geweest en had dus totale controle over de infrastructuur. Eigenlijk had alles ge-restored moeten worden maar dat is niet gedaan. men is in principe dus niet "in control" The threat actor subsequently changed the password of a dormant break glass account and configured it to be able to logon to other systems within the TU/e network Deze totale controle durfde men niet naar buiten te brengen. Slappe hap. Bang voor de consequenties. AnyDesk and TeamViewer, two common remote administration tools, were installed on multiple systems providing the threat actor with remote access to those ...